diff options
Diffstat (limited to 'meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch')
-rw-r--r-- | meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch b/meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch new file mode 100644 index 0000000000..9a8ceecbe7 --- /dev/null +++ b/meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch @@ -0,0 +1,45 @@ +From 22fd12b290adea788122044cb58dc9e77754644f Mon Sep 17 00:00:00 2001 +From: Vivek Kumbhar <vkumbhar@mvista.com> +Date: Thu, 17 Nov 2022 12:07:50 +0530 +Subject: [PATCH] CVE-2021-46848 + +Upstream-Status: Backport [https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5] +CVE: CVE-2021-46848 +Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> + +Fix ETYPE_OK off by one array size check. +--- + NEWS | 4 ++++ + lib/int.h | 2 +- + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index f042481..d8f684e 100644 +--- a/NEWS ++++ b/NEWS +@@ -1,5 +1,9 @@ + GNU Libtasn1 NEWS -*- outline -*- + ++* Noteworthy changes in release ?.? (????-??-??) [?] ++- Fix ETYPE_OK out of bounds read. Closes: #32. ++- Update gnulib files and various maintenance fixes. ++ + * Noteworthy changes in release 4.16.0 (released 2020-02-01) [stable] + - asn1_decode_simple_ber: added support for constructed definite + octet strings. This allows this function decode the whole set of +diff --git a/lib/int.h b/lib/int.h +index ea16257..c877282 100644 +--- a/lib/int.h ++++ b/lib/int.h +@@ -97,7 +97,7 @@ typedef struct tag_and_class_st + #define ETYPE_TAG(etype) (_asn1_tags[etype].tag) + #define ETYPE_CLASS(etype) (_asn1_tags[etype].class) + #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \ +- (etype) <= _asn1_tags_size && \ ++ (etype) < _asn1_tags_size && \ + _asn1_tags[(etype)].desc != NULL)?1:0) + + #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \ +-- +2.25.1 + |